Only whitelist messages.json files in _locales for content verification

extensions/browser/content_hash_fetcher.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/browser/content_hash_fetcher.h"
 
 #include <stddef.h>
 
 #include <algorithm>
 #include <memory>
@@ skipping 56 matching lines @@
   // Cancels this job, which will attempt to stop I/O operations sooner than
   // just waiting for the entire job to complete. Safe to call from any thread.
   void Cancel();
 
   // Checks whether this job has been cancelled. Safe to call from any thread.
   bool IsCancelled();
 
   // Returns whether this job was successful (we have both verified contents
   // and computed hashes). Even if the job was a success, there might have been
   // files that were found to have contents not matching expectations; these
-  // are available by calling hash_mismatch_paths().
+  // are available by calling hash_mismatch_unix_paths().
   bool success() { return success_; }
 
   bool force() { return force_; }
 
   const std::string& extension_id() { return extension_id_; }
 
-  // Returns the set of paths that had a hash mismatch.
-  const std::set<base::FilePath>& hash_mismatch_paths() {
-    return hash_mismatch_paths_;
+  // Returns the set of paths (with unix style / separators) that had a hash

[Devlin, 2017/04/24 15:06:56]

I read this as "unix style/separators" rather than "unix style '/' separators". 
Can we put '/' in quotes?

[lazyboy, 2017/04/24 18:29:58]

Done.

+  // mismatch.
+  const std::set<base::FilePath>& hash_mismatch_unix_paths() {
+    return hash_mismatch_unix_paths_;
   }
 
  private:
   friend class base::RefCountedThreadSafe<ContentHashFetcherJob>;
   ~ContentHashFetcherJob() override;
 
   // Tries to load a verified_contents.json file at |path|. On successfully
   // reading and validing the file, the verified_contents_ member variable will
   // be set and this function will return true. If the file does not exist, or
   // exists but is invalid, it will return false. Also, any invalid
@@ skipping 51 matching lines @@
   ContentVerifierKey key_;
 
   // The parsed contents of the verified_contents.json file, either read from
   // disk or fetched from the network and then written to disk.
   std::unique_ptr<VerifiedContents> verified_contents_;
 
   // Whether this job succeeded.
   bool success_;
 
   // Paths that were found to have a mismatching hash.
-  std::set<base::FilePath> hash_mismatch_paths_;
+  std::set<base::FilePath> hash_mismatch_unix_paths_;
 
   // The block size to use for hashing.
   int block_size_;
 
   // Note: this may be accessed from multiple threads, so all access should
   // be protected by |cancelled_lock_|.
   bool cancelled_;
 
   // A lock for synchronizing access to |cancelled_|.
   base::Lock cancelled_lock_;
@@ skipping 241 matching lines @@
     paths.insert(full_path);
   }
 
   // Now iterate over all the paths in sorted order and compute the block hashes
   // for each one.
   ComputedHashes::Writer writer;
   for (SortedFilePathSet::iterator i = paths.begin(); i != paths.end(); ++i) {
     if (IsCancelled())
       return false;
     const base::FilePath& full_path = *i;
-    base::FilePath relative_path;
-    extension_path_.AppendRelativePath(full_path, &relative_path);
-    relative_path = relative_path.NormalizePathSeparatorsTo('/');
+    base::FilePath relative_unix_path;
+    extension_path_.AppendRelativePath(full_path, &relative_unix_path);
+    relative_unix_path = relative_unix_path.NormalizePathSeparatorsTo('/');
 
-    if (!verified_contents_->HasTreeHashRoot(relative_path))
+    if (!verified_contents_->HasTreeHashRoot(relative_unix_path))
       continue;
 
     std::string contents;
     if (!base::ReadFileToString(full_path, &contents)) {
       LOG(ERROR) << "Could not read " << full_path.MaybeAsASCII();
       continue;
     }
 
     // Iterate through taking the hash of each block of size (block_size_) of
     // the file.
     std::vector<std::string> hashes;
     ComputedHashes::ComputeHashesForContent(contents, block_size_, &hashes);
     std::string root =
         ComputeTreeHashRoot(hashes, block_size_ / crypto::kSHA256Length);
-    if (!verified_contents_->TreeHashRootEquals(relative_path, root)) {
-      VLOG(1) << "content mismatch for " << relative_path.AsUTF8Unsafe();
-      hash_mismatch_paths_.insert(relative_path);
+    if (!verified_contents_->TreeHashRootEquals(relative_unix_path, root)) {
+      VLOG(1) << "content mismatch for " << relative_unix_path.AsUTF8Unsafe();
+      hash_mismatch_unix_paths_.insert(relative_unix_path);
       continue;
     }
 
-    writer.AddHashes(relative_path, block_size_, hashes);
+    writer.AddHashes(relative_unix_path, block_size_, hashes);
   }
   bool result = writer.WriteToFile(hashes_file);
   UMA_HISTOGRAM_TIMES("ExtensionContentHashFetcher.CreateHashesTime",
                       timer.Elapsed());
   return result;
 }
 
 void ContentHashFetcherJob::DispatchCallback() {
   {
     base::AutoLock autolock(cancelled_lock_);
@@ skipping 68 matching lines @@
   }
 }
 
 void ContentHashFetcher::JobFinished(scoped_refptr<ContentHashFetcherJob> job) {
   if (!job->IsCancelled()) {
     // Note: Run can result in ContentHashFetcher::ExtensionUnloaded.
     //
     // TODO(lazyboy): Add a unit test to cover the case where Run can result in
     // ContentHashFetcher::ExtensionUnloaded, once https://crbug.com/702300 is
     // fixed.
-    fetch_callback_.Run(job->extension_id(),
-                        job->success(),
-                        job->force(),
-                        job->hash_mismatch_paths());
+    fetch_callback_.Run(job->extension_id(), job->success(), job->force(),
+                        job->hash_mismatch_unix_paths());
   }
 
   for (JobMap::iterator i = jobs_.begin(); i != jobs_.end(); ++i) {
     if (i->second.get() == job.get()) {
       jobs_.erase(i);
       break;
     }
   }
 }
 
 }  // namespace extensions